Security considerations

The ENQ/RESERVE/DEQ monitor tool runs authorized as either a batch job or a started task. If the security administrator does not protect it, any unauthorized user can submit a job to start the monitor and gather ENQ and DEQ data. To prevent unauthorized users from doing this, use the RACF® PROGRAM class to protect the ISGAUDIT program in SYS1.LINKLIB.

For detailed information about protecting global resource serialization services:

z/OS Planning for Multilevel Security and the Common Criteria

For information about using the z/OS® Security Server RACF program control and the PROGRAM class:

z/OS Security Server RACF Security Administrator's Guide